All Apps and Add-ons

Splunk Add-on for Check Point OPSEC LEA: Are the errors received on splunkd due to a bug or using an older version of the add-on?

Explorer

We are using the Splunk Add-on for Check Point OPSEC LEA 3.1.0 version and getting lots of errors in splunkd. Trouble is that it's got something going on and is accounting for about 94% of all errors.

Error: 
message from"/users/splunk/prod/splunk/etc/apps/Splunk_TA_opseclea_linux22/bin/lea-logggrabber.sh --configentity" mode: non_audit

I know there is an updated add-on for this, but I was wondering if this is just a config issue versus a bug issue? if a simple update of the add-on would be a fix then great, just not sure. advice welcomed.

Path Finder

do not update unless your checkpoint environment meets the requirements of the most recent release.

0 Karma